01. Which type of encryption poses challenges to key transport?
a) Asymmetric-key encryption
b) Hash encryption
c) Symmetric-key encryption
d) Diffie-Hellman
02. In relation to security, which of the following is the primary benefit of classifying systems?
a) Ability to identify common attacks
b) Identification of highest-priority systems to protect
c) Ability to recover quickly from a natural or man-made disaster
d) Collection of information for properly configuring the firewall
03. Which of the following constitutes a problem when conducting a reverse scan?
a) IP address spoofing
b) SYN floods
c) Default settings on target systems
d) An older system kernel
04. Your firewall is configured to forbid all internal traffic from going out to the Internet. You want to allow internal clients to access all Web traffic. At a minimum, what ports must you open in regards to the internal systems?
a) TCP Port 80 and all ports above 1023
b) TCP Ports 80 and 443, and all ports above 1023
c) All TCP ports above 80 and below 1023
d) TCP Ports 80 and 443
05. Which two protocols can be found at the transport layer of the TCP/IP stack?
a) File Transfer Protocol (FTP) and Hypertext Transfer Protocol (HTTP)
b) Internet Protocol (IP) and Internet Control Message Protocol (ICMP)
c) Post Office Protocol 3 (POP3) and Simple Mail Transfer Protocol (SMTP)
d) Transmission Control Protocol (TCP) and User Datagram Protocol (UDP)
06. To implement a successful security system, you should:
a) use as many security principles and techniques as you can to protect each resource.
b) place your firewall and network in a public area so that authorized users have easy access to them to solve problems as they occur.
c) implement beta software and operating systems that hold the promise of enhanced security measures.
d) find a product that can offer full protection against all threats.
07. What would be the result if you were the recipient of a SYN flood or malformed packet?
a) You would be unable to access a legitimate service, such as establishing a network connection.
b) The files on your boot sector would be replaced with infected code.
c) A virus would be unleashed on your system at the time the SYN flood or malformed packet was received.
d) You would be misdirected to a fraudulent Web site without your knowledge or consent.
08. How do activity logs help to implement and maintain a security plan?
a) Activity logs provide advice on firewall installation, because they enable network baseline creation.
b) Activity logs remind users to log on with strong passwords, because the logs can be analyzed to see if users are complying with policy.
c) Activity logs allow you to determine if and how an unauthorized activity occurred.
d) Activity logs dissuade would-be hackers from breaching your security.
09. Which of the following is a primary auditing activity?
a) Encrypting data files
b) Changing login accounts
c) Checking log files
d) Configuring the firewall
10. Which of the following security measures presents the most risk?
a) A firewall application
b) A tripwire
c) A jail
d) A login script
The purpose of this Sample Question Set is to provide you with information about the CIW Web Security Associate exam. These sample questions will make you very familiar with both the type and the difficulty level of the questions on the 1D0-571 certification test. To get familiar with real exam environment, we suggest you try our Sample CIW Web Security Associate Certification Practice Exam. This sample practice exam gives you the feeling of reality and is a clue to the questions asked in the actual CIW Web Security Associate certification exam.